Permissions overview
Block public access (bucket settings)
Public access is granted to buckets and objects through access control lists (ACLs), bucket policies, access point policies, or all. In order to ensure that public access to all your S3 buckets and objects is blocked, turn on Block all public access. These settings apply only to this bucket and its access points. AWS recommends that you turn on Block all public access, but before applying any of these settings, ensure that your applications will work correctly without public access. If you require some level of public access to your buckets or objects within, you can customize the individual settings below to suit your specific storage use cases. Learn more
Bucket policy
The bucket policy, written in JSON, provides access to the objects stored in the bucket. Bucket policies don't apply to objects owned by other accounts. Learn more
Object OwnershipInfo:
Control ownership of objects written to this bucket from other AWS accounts and the use of access control lists (ACLs). Object ownership determines who can specify access to objects.
Access control list (ACL)
Grant basic read/write permissions to other AWS accounts. Learn more
Grantee | Objects | Bucket ACL |
|---|---|---|
Bucket owner (your AWS account) Canonical ID: | List, Write | Read, Write |
Everyone (public access) Group: | - | - |
Authenticated users group (anyone with an AWS account) Group: | - | - |
S3 log delivery group Group: | - | - |
Cross-origin resource sharing (CORS)
The CORS configuration, written in JSON, defines a way for client web applications that are loaded in one domain to interact with resources in a different domain. Learn more